package com.example.demo3_drug.config;


import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;


/**
 *权限控制Shiro配置
 * */
@Configuration
public class ShiroFilterConfiguration {


    /**
     * 创建过滤工厂
     * */
    @Bean // 使用在方法上，标注将该方法的返回值存储到Spring容器中
    public ShiroFilterFactoryBean shiroFilterFactoryBean(){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(defaultSecurityManager());

        /**
         * shiro内置过滤器，实现权限相关的拦截器
         * anon:无需登录可以访问
         * authc:需要登录才可以访问
         * */

        Map<String,String> filterMap = new LinkedHashMap<>();
        filterMap.put("/admin/**","anon");
        filterMap.put("/layui/**","anon");
        filterMap.put("/login","anon");
        filterMap.put("/toLogin","anon");
        filterMap.put("/**","authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);
        // 不登录自动跳转页面
        shiroFilterFactoryBean.setLoginUrl("/login");
        // 登录后自动跳转的页面
        shiroFilterFactoryBean.setSuccessUrl("/index");
        return shiroFilterFactoryBean;
    }


    /*
    * 权限管理
    * */
    @Bean
    public DefaultWebSecurityManager defaultSecurityManager(){
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(userRealm());
        return defaultWebSecurityManager;
    }


    /**
     * 创建Realm ，登录用
     * */
    @Bean
    public UserRealm userRealm(){
        UserRealm userRealm = new UserRealm();
        return userRealm;

    }

    /**
     *
     * thymeleaf 整合 Shiro
     * */

    @Bean
    public ShiroDialect shiroDialect(){
        return  new ShiroDialect();
    }

}
